[Casper] lpadmin script
Quade Boman
Quade_Boman at beavton.k12.or.us
Wed Jul 29 09:51:20 PDT 2009
If you still just wanted to add a directory group to the local admin group
using a script via a Casper policy, you don't need to supply the -p flag
and a password. Casper runs scripts as root on the local workstation.
For example, this is what we use:
/usr/sbin/dseditgroup -o edit -n /Local/Default -a od-staff-all -t group
lpadmin
where od-staff-all is our all staff group. You could change to using a
username there as well, such as with Casper's script parameters.
>Message: 16
>Date: Wed, 29 Jul 2009 10:49:07 -0500
>From: Alan Benedict <abenedict at integer.com>
>Subject: Re: [Casper] lpadmin script
>To: "Nguyen, Tommy" <Tommy.Nguyen at raytownschools.org>
>Cc: "casper at list.jamfsoftware.com" <casper at list.jamfsoftware.com>
>Message-ID:
> <5fe906620907290849w2749805an47e248ea4f9b9c57 at mail.gmail.com>
>Content-Type: text/plain; charset="utf-8"
>
>Would you mind sharing the settings you used with the rest of us? :)
>--
>Alan Benedict
>?
>Macintosh Technician
>The Integer Group
>O: 515-247-2738
>C: 515-770-8234
>http://www.integer.com
>
>
>
>On Wed, Jul 29, 2009 at 9:53 AM, Nguyen, Tommy <
>Tommy.Nguyen at raytownschools.org> wrote:
>
>> I created the printer MCX preferences and pushed them out to all the
>macs
>> in my district and it worked so far.
>>
>>
>>
>> Thank you guys for helping.
>>
>>
>>
>> *From:* casper-bounces at list.jamfsoftware.com [mailto:
>> casper-bounces at list.jamfsoftware.com] *On Behalf Of *Steve Wood
>> *Sent:* Wednesday, July 29, 2009 9:45 AM
>> *To:* Alan Benedict
>> *Cc:* casper at list.jamfsoftware.com
>>
>> *Subject:* Re: [Casper] lpadmin script
>>
>>
>>
>> You would use the "-p" flag in the dseditgroup command and put the
>password
>> right after it.
>>
>>
>>
>> From the Apple article, network user:
>>
>>
>>
>> dseditgroup -o edit -n /Local/Default -u admin -p <adminpassword> -a
>> printerusers -t group lpadmin
>>
>>
>>
>> Mobile user:
>>
>>
>>
>> dseditgroup -o edit -n /Local/Default -u admin -p <adminpassword> -a
>> student -t user lpadmin
>>
>>
>>
>>
>>
>> Thomas
>> - in the JSS in 7 you can now create MCX preferences to push out. And
>not to be a goob about it, but starting on page 302 of the Casper 7
>manual, they lay out everything about Managed Preferences. It is fairly
>simple to do, and during the creation of the profile you give that MCX
>pref a scope of machines to work on.
>>
>>
>>
>> Make sense?
>>
>>
>>
>>
>>
>> Steve Wood
>> Director of IT
>> swood at integer.com
>>
>> The Integer Group | 1999 Bryan St. | Ste. 1700 | Dallas, TX 75201
>> T 214.758.6813 | F 214.758.6901 | C 940.312.2475
>>
>> On Wed, Jul 29, 2009 at 9:12 AM, Alan Benedict <abenedict at integer.com>
>> wrote:
>>
>> If one did want to put the password in the script for testing, where
>would
>> I put it? I tried putting the password on the next line in the script,
>but
>> it throws an error when the script is run because it tries to run the
>> password as a command.
>> --
>> Alan Benedict
>> ?
>> Macintosh Technician
>> The Integer Group
>> O: 515-247-2738
>> C: 515-770-8234
>> http://www.integer.com
>>
>>
>>
>>
>> *From:* casper-bounces at list.jamfsoftware.com [mailto:
>> casper-bounces at list.jamfsoftware.com] *On Behalf Of *Thomas Larkin
>> *Sent:* Tuesday, July 28, 2009 1:57 PM
>> *To:* Steve Wood
>> *Cc:* Tommy Nguyen; casper at list.jamfsoftware.com
>> *Subject:* Re: [Casper] lpadmin script
>>
>>
>>
>> Steve,
>>
>>
>>
>> Would you please extrapolate on this? As I am going to migrate to
>version
>> 7 here really soon and would love to just push out MCX instead.
>>
>>
>>
>> Thanks
>>
>>
>>
>> Tom
>>
>> >>> Steve Wood <swood at integer.com> 07/28/09 3:51 PM >>>
>> And, if you are using Casper 7 you can now push an MCX pref to not
>require
>> admin privs to add printers.
>>
>> Steve Wood
>> Director of IT
>> swood at integer.com
>>
>> The Integer Group | 1999 Bryan St. | Ste. 1700 | Dallas, TX 75201
>> T 214.758.6813 | F 214.758.6901 | C 940.312.2475
>>
>> On Tue, Jul 28, 2009 at 3:30 PM, Thomas Larkin
>>
>> <tlarki at kckps.org>
>>
>> wrote:
>>
>> Tommy
>>
>>
>>
>> Ever think of adding printers in Casper Admin then adding them as a self
>> service install and limiting the scope of clients to what printers you
>want
>> them to install.
>>
>>
>>
>> I looked at that hint and it only allows the "add printer app" to run,
>and
>> it won't allow for users to add it via System Prefs. Every user is part
>of
>> the _lpadmin group but I couldn't get it to work either really.
>>
>>
>>
>> Also are you running that as a log in hook? Because casper will only
>use $3
>> as the current user when using it as a log in hook. If you run it as a
>log
>> in policy it should run as root and not ask for the password.
>>
>>
>>
>> -Tom
>>
>>
>>
>>
>> >>> "Nguyen, Tommy" <Tommy.Nguyen at raytownschools.org> 07/28/09 3:21 PM
>>>>
>>
>>
>>
>> Hello,
>>
>>
>>
>> Can someone help me figure this script out? I am trying to setup rights
>for
>> my network mobile users and they don?t have rights to add printers.
>>
>> But I found some help from apple that would let local and network users
>to
>> add printers without being administrators.
>>
>> http://support.apple.com/kb/HT3511
>>
>>
>>
>> When you add them to the user group of lpadmin it would ask for password
>> from the command line.
>>
>>
>>
>> dseditgroup -o edit -p -d admin -t group _lpadmin
>>
>> dseditgroup -o edit -n /Local/Default -u admin -p -a $3 -t user lpadmin
>> (this line would ask for user of admin password, no idea where to add
>if I
>> put it in the script?)
>>
>>
>>
>> Thank you in advanced.
-------------------------------------------------------
Quade Boman | Beaverton School District
-------------------------------------------------------
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://list.jamfsoftware.com/pipermail/casper/attachments/20090729/16567741/attachment.htm
More information about the Casper
mailing list